// Lightweight auth utilities and guards
const Auth = (() => {
  function requireAuth() {
    const token = ApiClient.getToken();
    if (!token) {
      const current = encodeURIComponent(location.pathname + location.search);
      location.href = `/login.html?redirect=${current}`;
    }
  }

  function logout() {
    ApiClient.clearAuth();
    location.href = '/login.html';
  }

  return { requireAuth, logout };
})();


